Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Got Garbled character after sending uint8_t* pointer to the enclave

DylanWang
Novice
‎07-14-2021 03:54 PM
721 Views
Solved Jump to solution

Hi, Team!

I sent multiple uint8_t* pointers to the enclave and want to reconstruct the strings inside the enclave, the character is correct before passing it to the enclave while shows garbled characters inside the enclave. Detailed code is shown below:

// Untrusted Code
stringstream css;
size_t ectxt_len = resCtxt.size();
size_t* hostCtxt_length;
hostCtxt_length = (size_t*)malloc(ectxt_len * sizeof(size_t));
uint8_t** ectxt;
ectxt = (uint8_t**)malloc(ectxt_len * sizeof(uint8_t*));
 
for (size_t i = 0; i < ectxt_len; i++)
{        
       css.str(string());
       css.clear();
       resCtxt[i].writeTo(css);
       HostCtxtTemp = css.str();
       hostCtxt_length[i] = HostCtxtTemp.length();
       ectxt[i] = (uint8_t*) HostCtxtTemp.c_str();
}
// EDL function
multipleCtxtsTransform(enclave, &ret, ectxt, hostCtxt_length, ectxt_len)
//Enclave Code
for (size_t i = 0; i <ectxt_len; i++)
{
      printf("check ectxt[i]: %s\n", hostCtxt[i]);
      string temp = string(hostCtxt[i], hostCtxt[i] + hostCtxt_length[i]);
     ---------------OMIT--------------------
}
 
Result:
// Before ECALL, in untrusted region
check hostCtxt_length[0]: 246056
check ectxt[0]: |HE[
check hostCtxt_length[1]: 246056
check ectxt[1]: |HE[
 
// After ECALL, get the garbled characters inside the enclave
Enclave: check hostCtxt_length[i]=: 246056
check ectxt: �
 
P.S.
Expected characters should be |HE[ inside the enclave.
As we can see, I have already allocated memory using malloc outside the enclave.
The garbled characters will change in each run. It's strange.
0 Kudos
1 Solution
DylanWang
Novice
‎07-15-2021 04:13 PM
694 Views
Solved Jump to solution
In response to JesusG_Intel

Hi Jesus,

Sry, I forgot to post EDL here.

public int multipleCtxtsTransform(
[in, count=num_resCtxt] uint8_t** hostCtxt,
[in, count=num_resCtxt] size_t* hostCtxt_length,
size_t num_resCtxt,
[out] uint8_t*** octxt,
[out] size_t** octxt_lengths,
[out] size_t* octxt_len);
 
And I have solved this issue, it's due to the memory allocation for 2-dimensional array in untrusted region.
Many thanks for your help!

View solution in original post

In response to JesusG_Intel
0 Kudos
Copy link

Link Copied

3 Replies
JesusG_Intel
Moderator
‎07-15-2021 03:32 PM
700 Views
Solved Jump to solution

Hello DylanWang,


In the ecall function definition in the EDL file, you have to designate a pointer direction, [in], [out[], [user_check]. In your case, your [in] before the pointers that contain the characters you want to pass to the enclave. Refer to the section Pointer Handling in the SGX Developer Reference Guide for your OS. Also find more information here: https://software.intel.com/content/www/us/en/develop/articles/intel-software-guard-extensions-developing-a-sample-enclave-application.html, by searching for "[in]" within the page.


Sincerely,

Jesus G.

Intel Customer Support


0 Kudos
Copy link
DylanWang
Novice
‎07-15-2021 04:13 PM
695 Views
Solved Jump to solution
In response to JesusG_Intel

Hi Jesus,

Sry, I forgot to post EDL here.

public int multipleCtxtsTransform(
[in, count=num_resCtxt] uint8_t** hostCtxt,
[in, count=num_resCtxt] size_t* hostCtxt_length,
size_t num_resCtxt,
[out] uint8_t*** octxt,
[out] size_t** octxt_lengths,
[out] size_t* octxt_len);
 
And I have solved this issue, it's due to the memory allocation for 2-dimensional array in untrusted region.
Many thanks for your help!
In response to JesusG_Intel
0 Kudos
Copy link
JesusG_Intel
Moderator
‎07-15-2021 04:21 PM
692 Views
Solved Jump to solution

Thank you for confirming you solved the issue, DylanWang.


This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.